際際滷

際際滷Share a Scribd company logo

Transport Layer Security

Ibrahiem Mohammed
Ibrahiem Mohammed

TLS protocol provides transport layer security for internet applications by securing communications between clients and servers. It establishes an encrypted connection through a handshake that negotiates encryption algorithms and authentication, then uses symmetric encryption and message authentication codes to provide confidentiality and integrity for data transfer. TLS has evolved through several versions to strengthen security and address weaknesses in cryptographic algorithms.

1 of 27
Downloaded 35 times
TRANSPORT LAYER SECURITY -Amr Magdy Mahmoud - Ibrahim Albarki
PROF. HOSSSAM FAHMY Submitted to :
The Secure socket Layer protocol Transport Layer Security TLS protocol, sometimes referred to, secure sockets layer SSL protocol: Is a widely deployed protocol for securing client-server communications over the internet. TLS is designed to prevent eavesdropping, tampering, and message forgery.
The SSL protocol is: - Stateful, - connection-oriented, - and a client-server protocol. It provides: - Authentication, - integrity, - and confidentiality. Definition
According to the Internet Draft IETF of the SSL Protocol, the point of the protocol is to provide privacy and reliability between two communicating applications. Prof. Freier, Alan O. It is the most widely known as the protocol that, coupled with HTTP, secures the Web and uses the https URI scheme DEFINITION
History Before the web breaking, people accessed information on the internet using protocols such as: TELNET, FTP, and -a little later- Gopher. TLS faced at least two skirmishes, - IPSEC, it was by far realized in kernel space; whereas the TLS is realized in the user space. Ubiquitousness made the TLS won. - The protocol question, between Netscape's SSL and Microsofts private communications technology PCT that wasnt widely deployed.
History - versions - Netscape first development , 1.0, 1994. - The second SSL, 2.0, 1995. - SSL spread version, 3.0, 1996. - SSL henceforth referred to as TLS since it moved from Netscape to the IETF TLS working group (WG) in mid 1996. - First TLS, 1.0, 1999. - TLS 1.12006. - TLS 1.2, 2008. - TLS 1.3, currently under way.
SSL Protocol Design SSL 3.0 Design Handshaking Protocol Record Protocol Handshaking Protocol Functionalities: - Negotiates the cipher suite, - Authenticates the server and, optionally, the client and - Establishes the session keys. The Record Protocol: - Secures the application data with the session key, - Verifies the application datas integrity and origin.
SSL DESIGN architecture The handshaking Protocol actually has three sub-protocols. The Change Cipher Protocol informs the peer about the set of keys change request. The alert protocol notifies the peer about the cause of protocol failure, It is not normally sent during the handshake protocol. Diagram by, the computer science and Engineering Department, The Ohio State University.
A Sessions Work-flow
Key exchange algorithms - Anonymous Diffie-Hellman (DH) - Ephemeral Diffie-Hellman (DHE) Using DH or DHE, no need to send a server or client certification message, certificate request or verify messages; instead, server sends a server key-exchange message that provide information to encrypt the premaster secret. An option to negotiate a pre-shared key PSK exists.
Key exchange algorithms - RSA; one of the first practicable public-key cryptosystems. Using PSK, An option is also available to support Secure Remote Passwords SRP cipher suites.
A final word TLS got its name from its record protocol since it performs in a transport-like manner. TLS handles fragmenting, receiving, and defragmenting. Depending on the negotiated algorithms, data can be compresses, message authentication coded (MACed), and encrypted before transmission and vice versa reversed receival. The important point, is that the TLS can be configured to operate as securely as possible or in some horrifically broken way. Cryptographic algorithms weaken over time, so its a good idea to check the servers configuration file to make sure of the ciphers strength.
TLS 1.3 Incoming goals - Encrypt as much of the handshake as possible - Reduce handshake latency - Update payload protection to address cipher weaknesses - Reevaluate handshake content
Summary TLS protocol provides transport layer security for Internet applications and confidentiality using symmetric key cryptography and data integrity using a keyed MAC, it also includes functionality for client and server authentication using public key cryptography.
Transport Layer Security
The Problem The Problem securing client-server communications over the internet.
Transport Layer Security
Solution Solution Setup Some Security (TLS)
The Story
The Story
The Story
The Story
The Story
The Story
The Story
Transport Layer Security

More Related Content

Transport Layer Security

  • 1. TRANSPORT LAYER SECURITY -Amr Magdy Mahmoud - Ibrahim Albarki
  • 3. The Secure socket Layer protocol Transport Layer Security TLS protocol, sometimes referred to, secure sockets layer SSL protocol: Is a widely deployed protocol for securing client-server communications over the internet. TLS is designed to prevent eavesdropping, tampering, and message forgery.
  • 4. The SSL protocol is: - Stateful, - connection-oriented, - and a client-server protocol. It provides: - Authentication, - integrity, - and confidentiality. Definition
  • 5. According to the Internet Draft IETF of the SSL Protocol, the point of the protocol is to provide privacy and reliability between two communicating applications. Prof. Freier, Alan O. It is the most widely known as the protocol that, coupled with HTTP, secures the Web and uses the https URI scheme DEFINITION
  • 6. History Before the web breaking, people accessed information on the internet using protocols such as: TELNET, FTP, and -a little later- Gopher. TLS faced at least two skirmishes, - IPSEC, it was by far realized in kernel space; whereas the TLS is realized in the user space. Ubiquitousness made the TLS won. - The protocol question, between Netscape's SSL and Microsofts private communications technology PCT that wasnt widely deployed.
  • 7. History - versions - Netscape first development , 1.0, 1994. - The second SSL, 2.0, 1995. - SSL spread version, 3.0, 1996. - SSL henceforth referred to as TLS since it moved from Netscape to the IETF TLS working group (WG) in mid 1996. - First TLS, 1.0, 1999. - TLS 1.12006. - TLS 1.2, 2008. - TLS 1.3, currently under way.
  • 8. SSL Protocol Design SSL 3.0 Design Handshaking Protocol Record Protocol Handshaking Protocol Functionalities: - Negotiates the cipher suite, - Authenticates the server and, optionally, the client and - Establishes the session keys. The Record Protocol: - Secures the application data with the session key, - Verifies the application datas integrity and origin.
  • 9. SSL DESIGN architecture The handshaking Protocol actually has three sub-protocols. The Change Cipher Protocol informs the peer about the set of keys change request. The alert protocol notifies the peer about the cause of protocol failure, It is not normally sent during the handshake protocol. Diagram by, the computer science and Engineering Department, The Ohio State University.
  • 11. Key exchange algorithms - Anonymous Diffie-Hellman (DH) - Ephemeral Diffie-Hellman (DHE) Using DH or DHE, no need to send a server or client certification message, certificate request or verify messages; instead, server sends a server key-exchange message that provide information to encrypt the premaster secret. An option to negotiate a pre-shared key PSK exists.
  • 12. Key exchange algorithms - RSA; one of the first practicable public-key cryptosystems. Using PSK, An option is also available to support Secure Remote Passwords SRP cipher suites.
  • 13. A final word TLS got its name from its record protocol since it performs in a transport-like manner. TLS handles fragmenting, receiving, and defragmenting. Depending on the negotiated algorithms, data can be compresses, message authentication coded (MACed), and encrypted before transmission and vice versa reversed receival. The important point, is that the TLS can be configured to operate as securely as possible or in some horrifically broken way. Cryptographic algorithms weaken over time, so its a good idea to check the servers configuration file to make sure of the ciphers strength.
  • 14. TLS 1.3 Incoming goals - Encrypt as much of the handshake as possible - Reduce handshake latency - Update payload protection to address cipher weaknesses - Reevaluate handshake content
  • 15. Summary TLS protocol provides transport layer security for Internet applications and confidentiality using symmetric key cryptography and data integrity using a keyed MAC, it also includes functionality for client and server authentication using public key cryptography.
  • 17. The Problem The Problem securing client-server communications over the internet.